For an IT professional, the beauty of an office just might be its clear boundaries: a set of machines, servers, and firewalls neatly contained in one building.

Such a serene arrangement won’t hold, however, as employees work from home and send emails from personal phones, tablets, or maybe that random 3DS you’ve got in a drawer.

“The perimeter has vanished. It’s like a limitless border now,” said Anthony Oren, CEO of Nero Consulting. “A company could have employees all over the country, in different homes. And we have to protect all of that.”

Organizations will need to address the risk caused by the growing use of personal devices in the enterprise, according to industry pros who spoke with IT Brew. In order to protect valuable work assets, companies should enact measures that authenticate not just the user but the device.

Some stats

Employees are working from home and using their own devices to do it:

• According to an early 2022 Pew Research study, 59% of US workers who said their jobs can mainly be done from home are WFHing most or all of the time.
• In December 2021 and January 2022, Oxford Economics and Samsung polled 500 executives and 1,000 employees; 57% of respondents said smartphones are essential to their jobs, and 39% of employers allow staff to work on their own devices.
• BlackCloak surveyed over 1,000 members of its platform and found that 87% of executives’ personal devices had no security installed, and 27% contained malware.

The potential risk of working from phone

With one wrong download, a personal device can install malicious code, including spyware that can funnel company data while an employee opens business applications like email, said Paddy Harrington, a senior analyst at Forrester.

“That corporate information is now getting siphoned off through that spyware app, sent out to malicious actors who are now collecting that data, and maybe they’re also going to collect login information. So they now have a way to attack the network,” according to Harrington.

While IT teams frequently deploy two-factor authentication to verify a user, Harrington said that companies often fall short in establishing trust with the device.

Is it running the latest OS, for example? Does it have endpoint security? Is it a known device?

“A lot of companies don’t interpret the endpoint. So they don’t fully figure out the device connecting,” Harrington told IT Brew.

Read the rest here.—BH

Do you work in IT or have information about your IT department you want to share? Email [email protected] or DM @BillyHurls on Twitter.

Retaining software devs and IT pros has everything to do with allowing them to take risks, according to a new survey by feature flag and toggle platform LaunchDarkly.

LaunchDarkly surveyed 500 US software developers at companies with a minimum of 100 employees and found broad agreement that workplaces that encourage psychological safety—the confidence to speak up or take risks without fear of unwarranted backlash—empower them to innovate more. The survey also found that 67% of developers know someone who left a job over pressure to minimize deployment errors, while 52% of respondents reported their workplaces encourage only low levels of risk or pressure them to minimize rollbacks.

With massive releases giving way to models that emphasize smaller, more frequent updates, Ravi Tharisayi, LaunchDarkly’s senior director of product marketing, told IT Brew that leadership can help by emphasizing positive developer outcomes like code quality or code in production.

“One of the interesting findings was that when leadership places in improving developer outcomes as either a top or large priority, our survey found that 91% of developers in those organizations said that they were very satisfied with their jobs,” Tharisayi said. “And these developers were more than twice as likely to say their company is much more innovative than their peers.”

The survey also indicated that where positive developer outcomes are the priority, teams were far more likely to be rolling out new code to customers on a weekly basis or even more frequently.

While 100% of respondents agreed that new development approaches can benefit business outcomes, 61% felt company processes either significantly or somewhat hindered efforts to come up with innovative solutions. Nearly half of respondents (49%) said changes to code require manual approval “most or all of the time,” even though prior research, such as the DevOps’s research and assessment program, has indicated streamlined processes such as more automatic approvals are important for things like a healthy work environment and minimizing burnout.

Read more here.—TM

Do you work in IT or have information about your IT department you want to share? Email [email protected] or DM @thetomzone on Twitter. Want to go encrypted? Ask Tom for his Signal.

Today’s top IT reads.

Stat: 59,129. That’s the number of Tesla vehicles globally affected by a recall from Germany’s road traffic agency, after it detected a flaw in the EV’s eCall emergency system that prevented automatic contact with first responders. (ITPro)

Quote: “Today we have let you down.” —Tony Staffieri, CEO of Canadian telecom giant Rogers, apologizing after a network outage interrupted telecom service throughout Canada

Read: Elon Musk’s plan to purchase Twitter is up in the air as the Tesla CEO tries to back out of the deal, citing the inability to assess the number of spam accounts on the platform. (the Verge)